Zoek.exe v5.0.0.0 Updated 19-10-2014
Tool run by Gebruiker on wo 22-10-2014 at 21:15:32,36.
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gebruiker\Desktop\Tumbnails (3)\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2014-08-28-113616.log 70905 bytes

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\ASIO4ALL v2 deleted successfully
C:\PROGRA~2\BlueStacks deleted successfully
C:\PROGRA~2\DAEMON Tools Lite deleted successfully
C:\PROGRA~2\GUM22AC.tmp deleted successfully
C:\PROGRA~2\GUM6BF.tmp deleted successfully
C:\PROGRA~2\GUM721A.tmp deleted successfully
C:\PROGRA~2\GUMB367.tmp deleted successfully
C:\PROGRA~2\GUMD1C0.tmp deleted successfully
C:\PROGRA~2\GUMD72C.tmp deleted successfully
C:\PROGRA~2\Rome - Total War deleted successfully
C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted successfully
C:\Users\Gebruiker\AppData\Roaming\Awesomium deleted successfully
C:\Users\Gebruiker\AppData\Local\Dxtory Software deleted successfully
C:\Users\Gebruiker\AppData\Local\Razer deleted successfully
C:\Users\Gebruiker\AppData\Local\Solid State Networks deleted successfully
C:\Users\Gebruiker\AppData\Local\WarThunder deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully
HKEY_USERS\S-1-5-21-223674675-785221109-3218615783-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 7]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IObit Malware Fighter]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster]

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\IObit\IObit Malware Fighter not found
C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} not found
C:\Program Files (x86)\Pando Networks deleted
C:\PROGRA~3\SummerSoft deleted
C:\PROGRA~3\Teddy App deleted
C:\PROGRA~2\GUM5297.tmp deleted
C:\Users\Gebruiker\AppData\Roaming\temp.ini deleted
C:\Users\Gebruiker\048298C9A4D3490B9FF9AB023A9238F3.TMP deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\InstallMate deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Gebruiker\AppData\Local\CrashRpt deleted
C:\Users\Gebruiker\AppData\LocalLow\{1DCFFFF2-72DC-8510-A4F3-54A622E9BB5B} deleted
C:\Users\Gebruiker\AppData\LocalLow\ADSRemoval deleted
C:\Users\Gebruiker\AppData\LocalLow\boost_interprocess deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar deleted
C:\Windows\wininit.ini deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Windows\SysWow64\AI_RecycleBin deleted
C:\Windows\SysWow64\searchplugins deleted
C:\Windows\SysWow64\Extensions deleted
C:\Users\Gebruiker\Setup.exe deleted
C:\Users\Gebruiker\worldpainter_64_1.10.0.exe deleted
C:\Users\Gebruiker\worldpainter_64_1.9.3.exe deleted
"C:\PROGRA~3\e3e59694bc728f43\{A35CA8FF-CB7D-8361-1CB9-83219CD11C78}" deleted
"C:\PROGRA~3\e3e59694bc728f43\{A35CA8FF-CB7D-8361-1CB9-83219CD11C78}.old" deleted
"C:\PROGRA~3\e3e59694bc728f43" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\GEBRUI~1\AppData\Local\Temp ====
2014-10-21 14:41:37 7014290E1DF324444023C3EE75D54630 208896 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\drm_dyndata_7350008.dll
==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-223674675-785221109-3218615783-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Gyazo"="C:\Program Files (x86)\Gyazo\GyStation.exe"
"Spotify Web Helper"="C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"Akamai NetSession Interface"="C:\Users\Gebruiker\AppData\Local\Akamai\netsession_win.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-21-223674675-785221109-3218615783-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Gebruiker\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Gebruiker\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"APVXDWIN"="C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\APVXDWIN.EXE /s"
"SCANINICIO"="C:\Program Files (x86)\Panda Security\Panda Antivirus Pro 2014\Inicio.exe"
"USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
"IMSS"="C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
"AdobeCS6ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin"
"Adobe Creative Cloud"="C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Gyazo"="C:\Program Files (x86)\Gyazo\GyStation.exe"
"Spotify Web Helper"="C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"Akamai NetSession Interface"="C:\Users\Gebruiker\AppData\Local\Akamai\netsession_win.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Gebruiker\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Gebruiker\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart"
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Desura]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Desura"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Desura\\desura.exe -autostart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EADM]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="EADM"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Origin\\Origin.exe\" -AutoStart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify"
"hkey"="HKCU"
"command"="\"C:\\Users\\Gebruiker\\AppData\\Roaming\\Spotify\\Spotify.exe\" /uri spotify:autostart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify Web Helper"
"hkey"="HKCU"
"command"="\"C:\\Users\\Gebruiker\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SpybotSD TeaTimer]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SpybotSD TeaTimer"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Spybot - Search & Destroy\\TeaTimer.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Steam]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Steam"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Steam\\Steam.exe\" -silent"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\YouCam Service]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="YouCam Service"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\CyberLink\\YouCam\\YouCamService.exe\" /s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\YouCam Service6]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="YouCam Service6"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\CyberLink\\YouCam6\\YouCamService6.exe\" /s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\APNMCP]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TeamViewer8]

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [24-09-2014 17:01]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [13-10-2013 17:56]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [13-10-2013 17:56]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-GEBRUIKER-BOVEN-Gebruiker" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\FRAPS" [C:\Fraps\fraps.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\{0660F465-9BD0-4EFF-B827-08022C406870}" [C:\Users\Gebruiker\Desktop\Minecraft.exe]
"C:\Windows\SysNative\tasks\{13703E37-95E0-449A-B2F9-034C7A29AB86}" [C:\Program Files (x86)\Windows Live\Mail\wlmail.exe]
"C:\Windows\SysNative\tasks\{3A8BA294-F365-49E1-98E6-4772DECCA4D1}" [C:\Program Files (x86)\Windows Live\Mail\wlmail.exe]
"C:\Windows\SysNative\tasks\{4D96E8E5-9B2F-4A27-B922-12D4D8663D6B}" ["C:\Program Files\Internet Explorer\iexplore.exe" http://ui.skype.com/ui/0/6.9.0.106/nl/go/help.faq.installer?LastError=1603]
"C:\Windows\SysNative\tasks\{5ECB0803-0B95-48EB-84E8-4AF4F292347E}" [C:\Program Files\Oracle\VirtualBox\VirtualBox.exe]
"C:\Windows\SysNative\tasks\{740C0E33-C986-47C4-A2B6-39D92E41CC18}" [C:\Program Files (x86)\Origin\Origin.exe]
"C:\Windows\SysNative\tasks\{9294BD7B-A026-4BED-A8B7-F84703DB3E0E}" [C:\Program Files (x86)\Windows Live\Mail\wlmail.exe]
"C:\Windows\SysNative\tasks\{9D4585C2-D589-482C-A359-DDF4D71A81CF}" [C:\Users\Gebruiker\Desktop\Minecraft.exe]
"C:\Windows\SysNative\tasks\{B3ABAA8A-4E24-4D1A-9F21-368253887FD6}" [C:\Program Files (x86)\Windows Live\Mail\wlmail.exe]
"C:\Windows\SysNative\tasks\{BF60D210-59FE-4950-9EFA-50D12A4C1009}" ["C:\Program Files\Internet Explorer\iexplore.exe" http://ui.skype.com/ui/0/6.9.0.106/nl/go/help.faq.installer?LastError=1601]
"C:\Windows\SysNative\tasks\{C3D8BE4A-719F-46E6-BD25-06EE47923D17}" [C:\Program Files\Oracle\VirtualBox\VirtualBox.exe]
"C:\Windows\SysNative\tasks\{C4EE6718-7D64-4BA4-8370-D3A1C65D1E41}" ["c:\program files (x86)\google\chrome\application\chrome.exe"]
"C:\Windows\SysNative\tasks\{D80E786C-C32A-4229-ADA2-E799B9E61AA8}" [C:\Program Files\Oracle\VirtualBox\VirtualBox.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Chromium Look ======================
Google Docs - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Last updated at time on date - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Google Search - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\6374e866-abdb-4951-b9bb-6c6f5b390da8 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\d2a0e582-6c50-4090-a2ea-f77ee05736c8 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1E46E368-B873-399C-DDC1-860342605C00} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1FA2CCA7-83D6-CF9B-4CD8-FF31337DA1A4} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3CD202C3-DB79-78F2-669F-8B33AEDF54D2} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4C903ACC-3A64-49C4-7BA2-17D6A5BC07A1} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5D0098B8-D27B-F0B7-55FF-4DE1D1622C0A} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C334F825-2542-7F94-ECED-21BF71D86FA8} deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Service deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Service6 deleted successfully

==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Gebruiker\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on wo 22-10-2014 at 23:17:34,92 ======================